When Your Antivirus or Spyware Scanner Says It Can't Fix a File

Using an antivirus scanner to clean up after an infection can be a hit or miss affair if the virus or worm is already running. When you run your antivirus program, it attempts to modify (fix) or delete the offending virus file. Unfortunately, Window does not allow files that are currently running in memory to be deleted or changed, so any attempts by the AV result in failure.

using an antivirus scanner to clean up after an infection can be a hit or miss affair if the virus or worm is already running. when you run your antivirus program, it attempts to modify (fix) or delete the offending virus file. unfortunately, window does not allow files that are currently running in memory to be deleted or changed, so any attempts by the av result in failure.

to fully delete files that have been found by an antivirus, you need to stop or prevent the file from running. there are several ways to do this, but the most common way it to restart your computer under safe mode.

starting under safe mode lets you access your computer, without any startup programs. while most users will find the 640x 480, 16 color display a bit alien, windows safe mode allows you to delete files associated with processes normally during the regular windows bootup.
if you're using windows 9x/me or are running windows xp with a fat32 hard disk, you can also boot using a dos startup disk. in windows 9x/me, one of the installation options is to create a startup disk. if you didn't or can't find your old one, you can create one through the control panel/add or remove programs window. in windows xp, you can create a dos startup disk by clicking on mycomputer, selecting the floppy disk (a:\ drive). you then right click, select format, and then select create ms-dos startup disk under the format options.

once you've got a dos startup disk, you can reboot your computer and access anything on the hard drive, though you've got to know basic dos commands to do so. the other down side is that depending on the version of dos, you may not have access to long file names such as "my documents", which will show up as mydocu~1 under dos. in addition, if your hard drive is ntfs format (default for most new windows xp systems), you're out of luck, as ms-dos won't see the drive at all. ms-dos (depending on version, can only access fat16 (pre windows 98) or fat32 (post windows 98) formatted hard drives.

if you've got ntfs formatted drives, with either windows 2000 or xp, you do have some alternatives. the first is a commercial product called erd commander 2003 from winternals software lp.. erd commander 2003 is an emergency boot system (a stripped down version of windows xp), and a series of utilities that let you do system restores and change system passwords. erd commander also allows you to run certain programs, and access network and internet resources so you can actually use a web based antivirus, such as trent micro's housecall.

one alternative to the somewhat pricey erd commander, is the donation supported pe builder from bart lagerweij. to use it, you'll need a licensed copy of windows xp, and a cd burning utility to create a bootable disk, as well as some technical expertise. in its simplest form, pe builder will give you a bootable windows xp cd that gives access to anything on your window xp/nt/2000 system, such as deleting virus files.

Get Our Best Stories!

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.